Computer Crime Research Center

Fresh warning on IT crime

According to The Age, sniffing, snorting, phishing, phreaking, spamming. Get used to it. These are part of the new language of IT and the weapons of war used in the computer crime arms race.

Last week's AusCERT conference ratcheted up the debate on problems confronting the IT security community - a sector bedevilled by critical gaps in information, escalating risks and no time to deal with them.

The 2004 Computer Crime &Security Survey, provided by AusCERT and Australia's law enforcement agencies, is an up-to-date analysis of trends in computer crime, network attack and other misdeeds.

Regarded as a useful annual benchmark rather than a scientifically rigorous portrayal of the market, it is based on a modest sample and has yet to define individual incidents in sufficient detail to make the figures meaningful.

This is the survey's third year. AusCERT general manager Graham Ingram promises future surveys will respond to the common cry from security professionals that if you can't measure it, you can't manage it.

"We measure speed and price, but we are not very good at the metrics needed to protect security and privacy," says Eugene Spafford, a professor from Purdue University in the US, who spoke at the conference by electronic link-up.